GDRP Part I

What is GDPR?

GDPR = G​eneral ​D​ata ​Protection R​egulation. This is a regulation in EU law that is applicable in the UK regarding ​information privacy​ (data protection). It also includes strict regulations regarding data transferred outside of the EU.

The aim of GDPR is:
● To ensure peoples’ personal information is handled responsibly;
● There is accountability if their personal data is compromised.

What is data?
Data is information which is:
● Stored on digital devices;
● Part of a filing system;
● Part of an accessible record;
● Recorded by a public authority – such as a school.
It does ​not​ apply to paper documents not held in a structured form, for example notes kept on a writing pad in your drawer. Personal data Personal data is any form of data that could be used to identify a person such as name, address, D.O.B, NI number, medical records and ethnicity.

Where might I encounter personal information? Working in a school environment means you may come across personal and sensitive information and should be mindful of GDPR. Some examples include:
Student personal information:​ student attitudes and observations; contact information; medical notes and attendance. Sensitive personal data:​ political opinions; religious beliefs and racial/ethnic origin.

Read part II